Oval Definition:oval:org.mitre.oval:def:12656
Revision Date:2014-06-23Version:19
Title:DSA-1958-1 libtool -- privilege escalation
Description:It was discovered that ltdl, a system-independent dlopen wrapper for GNU libtool, can be tricked to load and run modules from an arbitrary directory, which might be used to execute arbitrary code with the privileges of the user running an application that uses libltdl. For the stable distribution, this problem has been fixed in version 1.5.26-4+lenny1. For the oldstable distribution, this problem has been fixed in version 1.5.22-4+etch1. For the testing distribution and unstable distribution, this problem has been fixed in 2.2.6b-1. We recommend that you upgrade your libtool packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3736
DSA-1958-1
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):libtool
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND libtool-doc DPKG is earlier than 1.5.26-4+lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libltdl3 DPKG is earlier than 1.5.26-4+lenny1
  • OR libltdl3-dev DPKG is earlier than 1.5.26-4+lenny1
  • OR libtool DPKG is earlier than 1.5.26-4+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND libtool-doc DPKG is earlier than 1.5.22-4+etch1
  • OR libltdl3 DPKG is earlier than 1.5.22-4+etch1
  • OR libltdl3-dev DPKG is earlier than 1.5.22-4+etch1
  • OR libtool DPKG is earlier than 1.5.22-4+etch1
    • BACK